My m0n0 is logging as blocked everything that is going through via NAT.
I am struggling to figure out why packets that are allowed and are
being passed (and NATed) are logged as blocked.
I realize that I could turn off "Log packets blocked by default rules",
but I do want to log incoming attempts to ports that aren't NATed.
Those would be blocked by an implicit rule, so I am afraid I would lose
that important information if I turned off the logging of default rule
blocks. Also, I still fail to understand why things that are passed
are logged as blocked.
Any pointers to some enlightenment would be welcome.
--
Jeffrey Goldberg http://www.goldmark.org/jeff/